if a users is disabled from AD, will the token unassigned from RSA?
also if we have changed the user search filter to narrow the scope and to bring some users in the unresolvable list.
if in the unresolvable list we found more users which should not be there. and if we are reverting the filter , will the list become empty and again assigning the token which were assigned earlier before changing the filter?
If a user is disabled, everything assigned to the user remains assigned, they just cannot authenticate.
If you made a search filter, and now users show up as unresolvable, everything assigned to those users in the past remain assigned, as the system expects the users to show up again normally and need the tokens and pins and whatnot to still be assigned (system doesn't know why they are unresolvable, and in case of an outage, you want things to remain assigned). You'd need to run a 'cleanup' of unresolvable users, to free up tokens assigned to unresolvables, then after cleanup, if you fix the filter, the users will list in the security console again, but they will not have anything assigned, they are just unregistered userid's in the list.
If a user is disabled, everything assigned to the user remains assigned, they just cannot authenticate.
If you made a search filter, and now users show up as unresolvable, everything assigned to those users in the past remain assigned, as the system expects the users to show up again normally and need the tokens and pins and whatnot to still be assigned (system doesn't know why they are unresolvable, and in case of an outage, you want things to remain assigned). You'd need to run a 'cleanup' of unresolvable users, to free up tokens assigned to unresolvables, then after cleanup, if you fix the filter, the users will list in the security console again, but they will not have anything assigned, they are just unregistered userid's in the list.